[SECURITY] [DLA 3918-1] docker.io security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3918-1] docker.io security update
From: rouca@debian.org
Date: Sun, 13 Oct 2024 18:59:14 +0000
Message-id: <[🔎] 957b82e1243f2faf14787a47b51ef627.rouca@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3918-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                   Bastien RoucariÃ¨s
October 13, 2024                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : docker.io
Version        : 20.10.5+dfsg1-1+deb11u3
CVE ID         : CVE-2024-41110
Debian Bug     : 1084993

A vulnerability has been detected in
the Docker Engine, which could allow an attacker
to bypass authorization plugins (AuthZ) under specific
circumstances.

For Debian 11 bullseye, this problem has been fixed in version
20.10.5+dfsg1-1+deb11u3.

We recommend that you upgrade your docker.io packages.

For the detailed security status of docker.io please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/docker.io

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmcMGIERHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF/sdw/+JiaZgD/5M9uy0FEkv+SntUpBMb50jy/T
/CwlngZycCDp5cpO7EkHGXfICsN7oaHDAO477EVxRhWPA6OVjOzMwPXhEfcvZEnc
/LsuCxgaljzBVm0ZVlwkdxz8a4yXefEk1m/MZYHSSz21Q341rmw7sl+RIcFtzGa6
fedGJGwqw4ae1cFUw5MCuN7F/JJ7eGRAQ+OaT1VpzskFpXq1hQTmateIUwsF2Zj+
J8pv/X8OgW1fomTDWecSUDqBXUIBsrGDMD+FOGzpsSZ9Xeer3Ig4zF14ApQCez3P
PvLLT7eUYjGPSDdn0ONKsmtgloj+fssO2gmQ2QRNHqWh8vZiOwsmK6AOFeWNJa52
CpExapEmF6F3o3w3quapjST0dJ5bXEO4fGu76OXSplmhNOO7cYcUaxgclHZLWcVn
TBtKJl/Znb/GtkjKmMaVPvVezi8Cm/Zb1w84SxEC+dGkuW1oPA1yDBDw5nKRU2BO
YuY/SvdfsNGJtGm4tVFWCWst8ILk9giM8tMQDdnP6EBnpp+bJVC+9L2z7rBzSxeB
RnTL5cQdtXMfoH+U1iQbPNyJ35e0l/l7HOsIPR+UpRqps56Htasd7MQJwt7gG8Ua
LuVqOHQ6TPADZKYypxm7L/VeyFFPslLY5kXVYj8gEQCIQAt7Tyd3sWs///FtnQQx
681FUAUVAFQ=
=qh39
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3917-1] python-reportlab security update
Next by Date: [SECURITY] [DLA 3919-1] libapache-mod-jk security update
Previous by thread: [SECURITY] [DLA 3917-1] python-reportlab security update
Next by thread: [SECURITY] [DLA 3919-1] libapache-mod-jk security update
Index(es):
- Date
- Thread